Thursday, March 3, 2011

Security by Design

Beautiful Security

Chapter Ten

Security by Design

Security vulnerabilities contribute to low reliable, poor system performance, and poor quality system. What we need to do is focusing on achieving security and quality before expanding the feature set product. What the authors suggest is achieving appropriate levels of quality and security then transition a product to volume production.
Before developing a program;
·        Determine the attributes that need to be measured
·        Interdependencies of these attributes
·        And the acceptable levels for these attribute.



Some suggestions:

·        Develop risk based security programs that address security at all phases of the system development lifecycle.
·        Instead of testing security into the system, design security.
·        Good design discipline reduces the total cost of designing, developing and operating a system in many cases.
·        Well designed system will provide significant benefits in improved security.




Reference:

Oram, Andy, Viega, John (2009). “Beautiful Security, Leading Security Experts Explain How They Think”, Copyright 2009 O’reilly Media, Inc.

No comments:

Post a Comment